Monday, October 05, 2015
Malware Attacks Non-jailbroken Apple iOS Devices


Researchers at Palo Alto Networks have recently discovered 'YiSpecter', malware that appears to come from an advertising company in China and is capable of infecting Apple’s mobile devices.

YiSpecter attacks both jailbroken and non-jailbroken iOS devices through unique and harmful malicious behaviors. Specifically, it’s the first malware the researchers have seen in the wild that abuses private APIs in the iOS system to implement malicious functionalities.

So far, the malware primarily affects iOS users in mainland China and Taiwan. It spreads via unusual means, including the hijacking of traffic from nationwide ISPs, an SNS worm on Windows, offline app installation, and community promotion.

YiSpecter consists of four different components that are signed with enterprise certificates. By abusing private APIs, these components download and install each other from a command and control (C2) server. Three of the malicious components use tricks to hide their icons from iOS’s SpringBoard, which prevents the user from finding and deleting them. The components also use the same names and logos as system apps to trick iOS power users.

On infected iOS devices, YiSpecter can download, install and launch arbitrary iOS apps, replace existing apps with those it downloads, hijack other apps’ execution to display advertisements, change Safari’s default search engine, bookmarks and opened pages, and upload device information to the C2 server. According to victims’ reports, all these behaviors have been exhibited in YiSpecter attacks in the past few months. Some other characteristics of this malware include:

  • Whether an iPhone is jailbroken or not, the malware can be successfully downloaded and installed
  • Even if you manually delete the malware, it will automatically re-appear
  • Using third-party tools you can find some strange additional "system apps" on infected phones
  • On infected phones, in some cases when the user opens a normal app, a full screen advertisement will show

Moreover, recent research shows that over 100 apps in the App Store have abused private APIs and bypassed Apple’s strict code review. This means the technique of abusing private APIs can also be used on its own and can affect all normal iOS users who only download apps from the App Store.

Palo Alto Networks has released IPS and DNS signatures to block YiSpecter’s malicious traffic.
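
The disguises described above (enterprise-signed components that borrow system app names and hide their icons) can be checked for in an app inventory. The following is an added example, not code from Palo Alto Networks or this article; the inventory fields (name, bundle_id, signer, team, visible), the placeholder bundle IDs and team IDs, and every sample record are constructed assumptions.

```python
# Added example: flag disguised "system apps" in an app inventory.
# Field names and all records are constructed; adapt them to your tooling's export.
import unicodedata

# Display names of a few genuine iOS system apps.
SYSTEM_APP_NAMES = {"Phone", "Weather", "Notes", "Game Center", "Passbook"}

def normalize(name):
    """Fold case, Unicode compatibility forms and whitespace before comparing names."""
    folded = unicodedata.normalize("NFKC", name).casefold()
    return "".join(folded.split())

SYSTEM_KEYS = {normalize(n) for n in SYSTEM_APP_NAMES}

def audit(inventory, approved_teams):
    """Return {bundle_id: [reasons]} for apps matching the disguises the article lists."""
    findings = {}
    for app in inventory:
        # Only an Apple-signed app in the com.apple namespace counts as genuine.
        genuine = app["signer"] == "apple" and app["bundle_id"].startswith("com.apple.")
        enterprise = app["signer"] == "enterprise"
        reasons = []
        if normalize(app["name"]) in SYSTEM_KEYS and not genuine:
            reasons.append("system app name, not Apple-signed")
        if enterprise and app["team"] not in approved_teams:
            reasons.append("enterprise certificate from unapproved team")
        if enterprise and not app["visible"]:
            reasons.append("installed but no home screen icon")
        if reasons:
            findings[app["bundle_id"]] = reasons
    return findings

# Constructed sample inventory (placeholder bundle IDs and team IDs).
SAMPLE = [
    {"name": "Weather", "bundle_id": "com.apple.weather",
     "signer": "apple", "team": None, "visible": True},
    {"name": "Phone", "bundle_id": "com.example.placeholder1",
     "signer": "enterprise", "team": "UNKNOWNTEAM", "visible": False},
    {"name": "Field Tools", "bundle_id": "com.example.corp.tools",
     "signer": "enterprise", "team": "CORPTEAM01", "visible": True},
    {"name": "\uff37eather ", "bundle_id": "com.example.placeholder2",  # full-width W
     "signer": "enterprise", "team": "CORPTEAM01", "visible": True},
]

if __name__ == "__main__":
    for bundle_id, reasons in audit(SAMPLE, {"CORPTEAM01"}).items():
        print(bundle_id, "->", "; ".join(reasons))
```
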



CDRINFO.COM 1998-2017 - All rights reserved